[all:vars]
ansible_user=student{{ item }}
ansible_ssh_pass={{ admin_password }}
{% if ssh_port is defined %}
ansible_port={{ ssh_port }}
{% endif %}

[web]
{% for vm in node1_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
{{ vm.tags.short_name }} ansible_host={{ vm.public_ip_address }}
{% endif %}
{% endfor %}
{% for vm in node2_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
{{ vm.tags.short_name }} ansible_host={{ vm.public_ip_address }}
{% endif %}
{% endfor %}
{% for vm in node3_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
{{ vm.tags.short_name }} ansible_host={{ vm.public_ip_address }}
{% endif %}
{% endfor %}

[lb]
{% for vm in f5_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
f5 ansible_host={{ vm.public_ip_address }} ansible_user=admin private_ip={{ vm.private_ip_address }} ansible_ssh_pass={{admin_password}}
{% endif %}
{% endfor %}

[control]
{% for vm in ansible_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
{{ vm.tags.short_name }} ansible_host={{ vm.public_ip_address }}
{% endif %}
{% endfor %}

[routers:vars]
ansible_ssh_private_key_file=~/.ssh/aws-private.pem

[routers:children]
{% if network_type == "multivendor" or network_type == "cisco" %}
cisco
{% endif %}
{% if network_type == "multivendor" or network_type == "juniper" %}
juniper
{% endif %}
{% if network_type == "multivendor" or network_type == "arista" %}
arista
{% endif %}

{% if network_type == "multivendor" or network_type == "cisco" %}
[cisco]
{% endif %}
{% if network_type == "arista" %}
[arista]
{% endif %}
{% if network_type == "juniper" %}
[juniper]
{% endif %}
{% for vm in rtr1_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
{{ vm.tags.short_name }} ansible_host={{ vm.public_ip_address }} private_ip={{ vm.private_ip_address }}
{% endif %}
{% endfor %}
{% if network_type == "multivendor" %}
[arista]
{% endif %}
{% for vm in rtr2_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
{{ vm.tags.short_name }} ansible_host={{ vm.public_ip_address }} private_ip={{ vm.private_ip_address }}
{% endif %}
{% endfor %}
{% for vm in rtr4_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
{{ vm.tags.short_name }} ansible_host={{ vm.public_ip_address }} private_ip={{ vm.private_ip_address }}
{% endif %}
{% endfor %}
{% if network_type == "multivendor" %}
[juniper]
{% endif %}
{% for vm in rtr3_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
{{ vm.tags.short_name }} ansible_host={{ vm.public_ip_address }} private_ip={{ vm.private_ip_address }}
{% endif %}
{% endfor %}

{% if network_type == "multivendor" or network_type == "cisco" %}
[cisco:vars]
ansible_user=ec2-user
ansible_network_os=ios
ansible_connection=network_cli
{% endif %}

{% if network_type == "multivendor" or network_type == "juniper" %}
[juniper:vars]
ansible_user=ec2-user
ansible_network_os=junos
ansible_connection=netconf
{% endif %}

{% if network_type == "multivendor" or network_type == "arista" %}
[arista:vars]
ansible_user=ec2-user
ansible_network_os=eos
ansible_connection=network_cli
ansible_become=true
ansible_become_method=enable
{% endif %}

[dc1]
rtr1
rtr3

[dc2]
rtr2
rtr4

[windows:vars]
ansible_connection=winrm
ansible_winrm_transport=credssp
ansible_winrm_server_cert_validation=ignore
ansible_port=5986

[windows]
{% for vm in instance1_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
{{ vm.tags.short_name }} ansible_host={{ vm.public_ip_address }} ansible_user={{ hostvars['student' + item +'-win1'].ansible_user }} ansible_password="{{ hostvars['student' + item +'-win1'].ansible_user }}"
{% endif %}
{% endfor %}
{% if instance2_node_facts is defined %}
{% if instance2_node_facts.instances is defined %}
{% for vm in instance2_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
{{ vm.tags.short_name }} ansible_host={{ vm.public_ip_address }} ansible_user={{ hostvars['student' + item +'-win1'].ansible_user }} ansible_password="{{ hostvars['student' + item +'-win2'].ansible_user }}"
{% endif %}
{% endfor %}
{% endif %}
{% endif %}
{% for vm in windows_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
windows-ws ansible_host={{ vm.public_ip_address }} ansible_user={{ vm.tags.username }} ansible_pass={{ windows_password}} ansible_port=5986 ansible_connection=winrm ansible_winrm_server_cert_validation=ignore private_ip={{ hostvars[vm.tags.Name]['private_ip'] }}
{% endif %}
{% endfor %}

[attack]
{% for vm in attacker_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
attacker ansible_host={{ vm.public_ip_address }} ansible_user={{ vm.tags.username }} private_ip={{ hostvars[vm.tags.Name]['private_ip'] }} private_ip2={{ hostvars[vm.tags.Name]['private_ip2'] }}
{% endif %}
{% endfor %}

[siem]
{% if security_console == 'splunk' %}
{% for vm in splunk_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
splunk ansible_host={{ vm.public_ip_address }} ansible_user=admin private_ip={{ hostvars[vm.tags.Name]['private_ip'] }} ansible_httpapi_pass="Ansible1!" ansible_connection=httpapi ansible_httpapi_use_ssl=yes ansible_httpapi_validate_certs=False ansible_network_os=splunk.enterprise_security.splunk
{% endif %}
{% endfor %}
{% endif %}
{% if security_console == 'qradar' %}
{% for vm in qradar_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
qradar ansible_host={{ vm.public_ip_address }} ansible_user=admin private_ip={{ hostvars[vm.tags.Name]['private_ip'] }} ansible_httpapi_pass="Ansible1!" ansible_connection=httpapi ansible_httpapi_use_ssl=yes ansible_httpapi_validate_certs=False ansible_network_os=ibm.qradar.qradar
{% endif %}
{% endfor %}
{% endif %}

[ids]
{% for vm in snort_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
snort ansible_host={{ vm.public_ip_address }} ansible_user={{ vm.tags.username }} private_ip={{ hostvars[vm.tags.Name]['private_ip'] }} private_ip2={{ hostvars[vm.tags.Name]['private_ip2'] }}
{% endif %}
{% endfor %}

[firewall]
{% for vm in checkpoint_node_facts.instances %}
{% if 'student' + item == vm.tags.Student %}
checkpoint ansible_host={{ vm.public_ip_address }} ansible_user={{ vm.tags.username }} ansible_password=admin123 private_ip={{ hostvars[vm.tags.Name]['private_ip'] }} ansible_network_os=checkpoint ansible_connection=httpapi ansible_httpapi_use_ssl=yes ansible_httpapi_validate_certs=no
{% endif %}
{% endfor %}
